Rpm for Linux program package management
Rpm Introduction
Rpm (Red Hat Package Manager) is an open software Package management system. It works in Red Hat Linux and other Linux systems and has become a widely recognized software package management standard in Linux.
Rpm packages each component file of the compiled application into one or several package files to facilitate management operations such as package installation, upgrade, uninstallation, and query.
Rpm maintains a database of all installed software packages and files, allowing you to query and verify powerful software packages.
Rpm Functions
Install:-I, -- install
Uninstall:-U, -- update,-F, -- freshen
Upgrade:-e, -- erase
Query:-q, -- query
Verification:-V, -- verify
Database Maintenance: -- builddb,-initdb
Rpm package naming format
The rpm package naming format is generally divided into two parts.
The first part is the source code version, for example:
Name-VERSION.tar.gz
Name: name of the source code package
VERSION:
- Major: Main version number. It is changed only when the program function changes significantly.
- Minor: minor version number. A minor branch of a program function changes.
- Release: release number, which can be changed only when a BUG is corrected or a code segment is upgraded.
The second part is the version prepared by rpm packaging.
If the source code is compared to the flour, the rpm package is compared to the steamed bread, the difference is: the flour has different techniques, and the flour has made a variety of delicious steamed bread.
The final package format is as follows:
name-VERSION-release.arch.rpm
Where
Name-VERSION still follows the name of the source code package
Release: The release Number of the rpm package.
Arch: Specifies which operating system platform is applicable, including i386, x64 (amd64), ppc, and noarch.
Get package
In addition to the rpm software package that comes with the system release CD, you usually need to download it from the Internet. The following are several ways to obtain the software package reliably:
(1) official file server (or image site)
http://mirrors.aliyum.com
http://mirrors.sohu.com
http://mirrors.163.com
(2) official site of the project
(3) third-party organizations:
(A) EPEL
(B) search engine
Http://pkgs.org
Http://rpmfind.net
Http://rpm.pbone.net
(4) compile it by yourself.
Check the validity and integrity of the downloaded package.
Run the rpm command to install
Command Format:
rpm {-i|--install} [install-options] PACKAGE_FILE …
General options
-V: verbose, details
-Vv: More detailed information
[Install-options]:
-H: hash marks output progress bar. Each # indicates the progress of 2%.
-- Test: test installation, check and report dependencies and conflicting messages.
-- Nodeps: Ignore dependency
-- Replacepkgs: force the installed software package to be reinstalled.
-- Nosignature: the package signature information is not checked, and the source validity is not checked;
-- Nodigest: The integrity information of the package is not checked;
Note: The script may be run during installation of each program and some preparation operations are performed. The rpm package can contain four types of scripts that are triggered at different times:
Preinstall: the script run before the installation starts. % pre, -- nopre
Postinstall: the script that runs after the installation process is complete, % post, -- nopost
Preuninstall: the script run before the uninstallation starts. % preun, -- nopreun
Postuninstall: the script that runs after the uninstall process is completed, % postun, -- nopostun
Application:
1. The installation process is normal.
2. Ignore dependency
3. Force reinstall
Upgrade
Command Format:
rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...rpm {-F|--freshen} [install-options] PACKAGE_FILE ...
Where
-U: if the old version is installed, upgrade it. If the old version does not exist, install the latest version.
-F: if the old version is installed and the old version does not exist, ignore it.
General options:
-V: verbose, details
-Vv: More detailed information
[Install-options]:
-H: hash marks output progress bar. Each # indicates the progress of 2%.
-- Test: Upgrade test only
-- Oldpackage: downgrade. If the new version has many problems, downgrade is required.
-- Force: force update. If the new version does not provide dependency services for other programs, an error is reported. force update is available.
Note:
(1) kernel upgrades may cause hidden risks. Therefore, do not upgrade the kernel. If you want to test the new kernel version, you can directly install the new kernel version to allow the old version to coexist.
(2) If the configuration file of a package has been modified after installation, during the upgrade, the configuration file of the same name provided by the new version of the program will not overwrite the configuration file of the original version, instead, rename the new configuration file (FILENAME. rpmnew.
Application:
1. Differences between-U and-F:
2. Upgrade "old version"
Uninstall
Command Format:
rpm {-e|--erase} [--allmatches] [--nodeps] [--noscripts] [--test] PACKAGE_NAME ...
Where:
-- Allmatches: Uninstall all versions of the packages that match the specified name
-- Nodeps: Ignore dependency
-- Test: dry run Mode
Query
Command Format:
rpm {-q|--query} [select-options] [query-options]
Where:
[Select-options]
PACKAGE_NAME: query whether the specified package has been installed and its version.
-A, -- all: list all packages that have been installed
-F FILE: query which package generates the specified FILE
-P, -- package PACKAGE_FILE: Used to query uninstalled packages.
-- Whatprovides CAPABILITY: queries which package provides the specified CAPABILITY.
-- Whatrequires CAPABILITY: queries which package the specified CAPABILITY depends on.
[Query-options]
-- Changelog: query the rpm package's changlog. Pay attention to the historical revisions of non-source packages.
-L, -- list: list of all files generated by installation of the program
-I, -- info: information about the package, including the version number, size, and group to which the package belongs.
-C, -- configfiles: query the configuration files provided by the specified package
-D, -- docfiles: query the documentation provided by the specified package
-- Provides: Lists All CAPABILITY provided by the specified package.
-R, -- requires: queries the CAPABILITY on which the specified package depends
-- Scripts: view the script snippets included in the package
Common usage:
-Qi PACKAGE // query the PACKAGE information
-Qf FILE // query which package generates the FILE
-Qc PACKAGE // query the configuration file of the PACKAGE
-Ql PACKAGE // query the list of files generated by the PACKAGE
-Qd PACKAGE // query the documentation generated after the PACKAGE is installed.
-Qpi PACKAGE_FILE // query information about uninstalled packages
-Qpl PACKAGE_FILE // query the list of files to be generated when no package is installed
-Qpc PACKAGE_FILE,... // query the configuration file to be provided by the uninstalled package
Application:
1. query all the CAPABILITY provided by the bash software package
2. query the CAPABILITY on which the sed software package depends
3. query the configuration file of the php-common software package that is not installed.
Verification
Command Format:
rpm {-V|--verify} [select-options] [verify-options]
It is generally used to verify whether all files of the software package have been modified after the software package is installed.
For example:
# Rpm-V zsh // No prompt is returned, that is, the verification is passed # vim/usr/share/zsh/4.3.10/scripts/newuser // Add a "#" # rpm-V zsh # [root @ localhost Packages] # rpm-V zsh s.5 .... t. /usr/share/zsh/4.3.10/scripts/newuser // the file size changes. The MD5 checksum and file modification time change.
If everything is verified correctly, no output is displayed on the screen. If any modification occurs, the related information is displayed on the screen. In the output format, "." indicates that the test passes. If the following characters are used, the test fails:
5: MD5 checksum
S: File Size
L: Symbolic Link
T: file modification time
D: Device
U: User
G: Group
M: mode (including permissions and file types)
? : Unreadable File
Rpm package source validity verification and Integrity Verification
In the image shown above, a warning message is generated every time the software package is installed. During packaging and production, the software package will append its own signature code with one-way encryption. Only the corresponding public key can decrypt and verify the validity of the package and obtain the signature, verify the integrity of the software package by using the signature code. Because there is no corresponding Public Key locally, the above warning message is displayed. At this time, the public key needs to be obtained. The key to obtaining the Public Key is directly related to the source legitimacy of the software package.
First, you must obtain and import the key of the trusted package producer. For the CentOS release:
After the system is installed, the system automatically copies a public key to/etc/pki/rpm-gpg/and imports the public key using commands, as follows:
[root@localhost ~]# rpm -import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Another method is to direct the Key Path to the CD:
[root@localhost ~]# rpm -import /media/RPM-GPG-KEY-CentOS-7
The system will automatically verify the installation of the software package.
You can also manually verify before installing the software package:
Database Reconstruction
Path of the rpm Manager database:
/Var/lib/rpm/
All query operations are performed through the database here.
Command Format:
rpm {--initdb|--rebuilddb} [--dbpath DIRECTORY] [--root DIRECTORY]
Where:
-- Initdb: initializes the database. Currently, no database can be created to create a new database. Currently, no operation is performed.
-- Rebuilddb: re-build, re-create by reading all installed packages on the current system
Application: